Senior IT Security Engineer at NEAR Foundation leading information security program and compliance initiatives. Partnering with IT teams for secure architectural design and risk management.
MO
Information Security Engineer – Application Security Focus
Posted 3 months ago
About the role
- Senior Information Security Engineer designing secure software solutions at Mechanical Orchard, specializing in application security and cloud environments.
Responsibilities
- Build Security into Development: Work alongside engineering teams to integrate security throughout the SDLC; from design reviews and threat modeling to secure coding practices. Conduct security assessments of applications, APIs, and cloud infrastructure. Guide developers on secure authentication, authorization, cryptography, and data protection. Champion security best practices while maintaining developer velocity and trust.
- Implement Security Tooling & Automation: Deploy and manage application security tools including SAST, DAST, SCA, and container scanning. Build automation for security testing in CI/CD pipelines. Implement and improve secrets management solutions. Create dashboards and metrics to track security posture.
- Drive Security Initiatives: Lead application vulnerability management programs including triage, prioritization, and driving remediation. Support security compliance efforts (SOC 2, ISO 27001, or similar frameworks). Contribute to incident response and security event investigation. Develop security training and documentation for engineering teams.
- Collaborate Across Teams: Partner with infrastructure and DevOps teams on cloud security controls. Perform risk assessments for new features, technologies, and third-party integrations. Participate in architecture reviews and provide security guidance.
Requirements
- Bachelor’s degree in Computer Science, Software Engineering, Information Security, or a related technical field, or equivalent practical experience.
- Strong written and verbal communication skills in English.
- 5+ years of professional experience in information security, with a significant focus on application and cloud security.
- Professional software development experience, with hands-on responsibility for designing, building, and maintaining production systems in a language like Python, Go, Java, JavaScript, or similar.
- Strong understanding of application security principles: OWASP Top 10, secure authentication/authorization, encryption, API security.
- Experience with cloud platforms (AWS, GCP, or Azure) and cloud-native security.
- Hands-on experience with CI/CD systems and DevOps practices.
- Knowledge of container security and orchestration platforms (Docker, Kubernetes).
- Experience implementing security tools like SAST/DAST scanners, dependency checkers, or secrets detection.
- Experience with security tools such as Aikido, Snyk, Semgrep, Trivy, Wiz, HashiCorp Vault, or similar.
- Collaborative mindset—you build security solutions with engineers, not against them.
Benefits
- Employee accommodations for disabilities.
- Equal employment opportunities for all applicants.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Bilingual Security Director for International SOS driving revenue growth of health security subscription services in Canada. Supporting consulting, training, and managed services with trusted client relationships.
Program Manager driving complex engineering projects within the Product Security organization at CrowdStrike. Collaborating cross - functionally to ensure timely delivery of security solutions across product portfolios.
Security Engineer focused on matching technology opportunities with customer business objectives at Tenable. Delivering technical presentations and driving successful customer engagements in cybersecurity solutions.
Business Development & Capture Lead for Global Spatial Technology Solutions driving revenue growth in defence sector. Engaging senior stakeholders and leading proposal development across global markets from a remote location.
IT & Security Specialist managing IT operations, security, and infrastructure for Senstar, a leader in security technology. Hands - on role blending end - user support, cybersecurity, and infrastructure management.
HR Systems Security Specialist responsible for design, configuration, and administration of security within Workday and SAP. Collaborating with HR and stakeholders to ensure effective access design and compliance.
Cybersecurity advisor working within the DCYB to develop IT security measures. Collaborating with teams to fortify cybersecurity posture and ensuring data protection for citizens.
Consultant in remuneration and occupational health and safety at the Quebec Federation of Municipalities. Ensuring employee needs match organizational requirements and promoting a safe work environment.
Cybersecurity Administrator providing operational support for compliance activities in information security. Assisting vendor risk management, audit coordination, and vulnerability tracking.